Not a valid ASN.1 file

Question

Not a valid ASN.1 file

slaff opened this issue 8 years ago · comments

When integrating the code in another ESP8266 framework I am getting the following error before handshake.

Error: This is not a valid ASN.1 file
Error: Invalid X509 ASN.1 file (X509 not ok)

What can be the reason for this? With the Linux axtls code (without additions from this repo) it seems to work. Any suggestion?

Ivan Grokhotkov · Answer 1 · Thu Mar 03 2016 19:30:45 GMT+0800 (China Standard Time)

Which server should I use to reproduce this?

slaff · Answer 2 · Thu Mar 03 2016 19:56:11 GMT+0800 (China Standard Time)

I used the following key and certificate and I got this response testing with www.google.com and a lot of other servers. Actually I do not remember not getting this error.

Ivan Grokhotkov · Answer 3 · Thu Mar 03 2016 21:51:26 GMT+0800 (China Standard Time)

I wonder why would you need client certificate when you connect to google.com... If the server doesn't request client certificate it is not used.
Anyway, I'll check and see what's the issue with certificate loading.

Noel Georgi · Answer 4 · Fri Mar 18 2016 14:22:00 GMT+0800 (China Standard Time)

is this because the client certificate was generated without -addtrust clientAuth in openssl?

slaff · Answer 5 · Fri Apr 08 2016 23:58:02 GMT+0800 (China Standard Time)

@igrr @noelgeorgi It turned out that the key and certificate that I was passing to ssl_obj_memory_load were in PEM format, whereas axTLS expects them at that stage to be in DER format. Passing the data in DER format fixed the issue.